Abstract
One of the most common types of denial of service attack on 802.11 based networks is resource depletion at AP side. APs meet such a problem through receiving flood probe or authentication requests which are forwarded by attackers whose aim are to make AP unavailable to legitimate users. The other most common type of DoS attack takes advantage of unprotected management frame. Malicious user sends deauthentication or disassociation frame permanently to disrupt the network. However 802.11w has introduced a new solution to protect management frames using WPA and WPA2, they are unprotected where WEP is used. This paper focuses on these two common attacks and proposes a solution based on letter envelop protocol and proof-of-work protocol which forces the users to solve a puzzle before completing the association process with AP. The proposed scheme is also resistant against spoofed puzzle solutions attack.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Nasreldin, M., Aslan, H., El-Hennawy, M., El-Hennawy, A.: WiMax Security. In: 22nd International Conference on Advanced Information Networking and Applications - Workshops (Aina Workshops 2008), pp. 1335–1340 (2008)
Yu, P.H., Pooch, U.W.: A Secure Dynamic Cryptographic And Encryption Protocol For Wireless Networks. In: EUROCON 2009, pp. 1860–1865. IEEE, St.-Petersburg (2009)
Gast, M.: 802.11® Wireless Networks The Definitive Guide. O’Reilly, Sebastopol (2005)
Bellardo, J., Savage, S.: 802.11 Denial-of-Service Attacks:Real Vulnerabilities and Practical Solutions. In: SSYM 2003 Proceedings of the 12th conference on USENIX Security Symposium, Washington, D.C., USA, vol. 12 (2003)
He, C., Mitchell, J.C.: Security analysis and improvements for IEEE802.11i. In: Proceedings of the 12th Annual Network and Distributed System Security Symposium (NDSS 2005), pp. 90–110 (2005)
Liu, C.-H., Huang, Y.-Z.: The analysis for DoS and DDoS attacks of WLAN. In: Second International Conference on MultiMedia and Information Technology, pp. 108–111 (2010)
Bicakci, K., Tavli, B.: Denial-of-Service attacks and countermeasures in IEEE 802.11 wireless networks. Computer Standards & Interfaces 31(5), 931–941 (2009)
Ding, P., Holliday, J., Celik, A.: Improving The Security of Wireless LANs By Managing 802.1x Disassociation. In: First IEEE Consumer Communications and Networking Conference,CCNC 2004, pp. 53–58 (2004)
IEEE Std 802.11wTM (September 30, 2009)
Zhang, Y., Sampalli, S.: Client-based Intrusion Prevention System for 802.11 Wireless LANs. In: IEEE 6th Intemational Conference on Wireless and Mobile Computing. Networking and Communications, Niagara Falls, Ontario, pp. 100–107 (2010)
Fayssal, S., Kim, N.U.: Performance Analysis Toolset for Wireless Intrusion Detection Systems. In: IEEE 2010 International Conference on High Performance Computing and Simulation (HPCS), Caen, France, pp. 484–490 (2010)
Nguyen, T.D., Nguyen, D.H.M., Tran, B.N., Vu, H., Mittal, N.: A lightweight solution for defending against deauthentication/disassociation attacks on 802.11 networks, pp. 1–6. IEEE, Los Alamitos (2008)
Dong, Q., Gao, L., Li, X.: A New Client-Puzzle Based DoS-Resistant Scheme of IEEE 802.11i Wireless Authentication Protocol. In: 3rd International Conference on Biomedical Engineering and Informatics (BMEI 2010), pp. 2712–2716 (2010)
Dwork, C., Naor, M.: Pricing via Processing or Combatting Junk Mail, pp. 139–147. Springer, Heidelberg (1992)
Jules, A., Brainard, J.: A Cryptographic Countermeasure against Connection Depletion Attacks, pp. 151–165. IEEE Computer Society, Los Alamitos (1999)
Shi, T.-j., Ma, J.-f.: Design and analysis of a wireless authentication protocol against DoS attacks based on Hash function. Aerospace Electronics Information Engineering and Control 28(1), 122–126 (2006)
Dong, Q., Gao, L., Li, X.: A New Client-Puzzle Based DoS-Resistant Scheme of IEEE 802.11i Wireless Authentication Protocol. In: 3rd International Conference on Biomedical Engineering and Informatics (BMEI 2010), pp. 2712–2716 (2010)
Laishun, Z., Minglei, Z., Yuanbo, G.: A Client Puzzle Based Defense Mechanism to Resist DoS Attacks in WLAN. In: 2010 International Forum on Information Technology and Applications, pp. 424–427. IEEE Computer Society, Los Alamitos (2010)
Abliz, M., Znati, T.: A Guided Tour Puzzle for Denial of Service Prevention. In: 2009 Annual Computer Security Applications Conference, pp. 279–288 (2009)
Nguyen, T.N., Tran, B.N., Nguyen, D.H.M.: A Lightweight Solution For Wireless Lan: Letter-Envelop Protocol. IEEE, Los Alamitos (2008)
IEEE Std 802.11TM (June 12, 2007)
Nguyen, T.D., Nguyen, D.H.M., Tran, B.N., Vu, H., Mittal, N.: A lightweight solution for defending against deauthentication/disassociation attacks on 802.11 networks, pp. 1–6. IEEE, Los Alamitos (2008)
Abliz, T.Z.M.: A Guided Tour Puzzle for Denial of Service Prevention. In: 2009 Annual Computer Security Applications Conference, pp. 279–288 (2009)
Patarin, J., Montreuil, A.: Benes and Butterfly Schemes Revisited. In: Won, D.H., Kim, S. (eds.) ICISC 2005. LNCS, vol. 3935, pp. 92–116. Springer, Heidelberg (2006)
Feng, W.-C., Kaiser, E., Feng, W.-C., Luu, A.: The Design and Implementation of Network Puzzles. In: Proceedings of IEEE 24th Annual Joint Conference of the IEEE Computer and Communications Societies, INFOCOM 2005, Miami, Florida, USA, pp. 2372–2382 (2005)
Nasreldin, M., Aslan, H., El-Hennawy, M., El-Hennawy, A.: WiMax Security. In: 22nd International Conference on Advanced Information Networking and Applications - Workshops (Aina Workshops 2008), pp. 1335–1340 (2008)
Dwork, C., Naor, M.: Pricing via Processing or Combatting Junk Mail, pp. 139–147. Springer, Heidelberg (1992)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2011 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Ordi, A., Mousavi, H., Shanmugam, B., Abbasy, M.R., Najaf Torkaman, M.R. (2011). A Novel Proof of Work Model Based on Pattern Matching to Prevent DoS Attack. In: Cherifi, H., Zain, J.M., El-Qawasmeh, E. (eds) Digital Information and Communication Technology and Its Applications. DICTAP 2011. Communications in Computer and Information Science, vol 166. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-21984-9_43
Download citation
DOI: https://doi.org/10.1007/978-3-642-21984-9_43
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-21983-2
Online ISBN: 978-3-642-21984-9
eBook Packages: Computer ScienceComputer Science (R0)